← Back to exam page

SC-200 Microsoft Security Operations Analyst

Loading demo links...

Showing 4–6 of 15 questions

Question 4 (Mixed Questions)

HOTSPOT

You purchase a Microsoft 365 subscription.

You plan to configure Microsoft Cloud App Security.

You need to create a custom template-based policy that detects connections to Microsoft 365 apps that originate from a botnet network.

What should you use? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

Answer is in the explanation below.

Question 5 (Mixed Questions)

Your company deploys the following services:

Microsoft Defender for Identity

Microsoft Defender for Endpoint

Microsoft Defender for Office 365

You need to provide a security analyst with the ability to use the Microsoft 365 security center. The analyst must be able to approve and reject pending actions generated by Microsoft Defender for Endpoint. The solution must use the principle of least privilege.

Which two roles should assign to the analyst? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Select all that apply, then click Submit answer.

  • the Compliance Data Administrator in Azure Active Directory (Azure AD)

  • the Active remediation actions role in Microsoft Defender for Endpoint

  • the Security Administrator role in Azure Active Directory (Azure AD)

  • the Security Reader role in Azure Active Directory (Azure AD)
Question 6 (New Update)

Your company deploys the following services:

You need to provide a security analyst with the ability to use the Microsoft 365 security center. The analyst must be able to approve and reject pending actions generated by Microsoft Defender for Endpoint. The solution must use the principle of least privilege.

Which two roles should assign to the analyst? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Select all that apply, then click Submit answer.

  • the Compliance Data Administrator in Azure Active Directory (Azure AD)

  • the Active remediation actions role in Microsoft Defender for Endpoint

  • the Security Administrator role in Azure Active Directory (Azure AD)

  • the Security Reader role in Azure Active Directory (Azure AD)